gdpr-data-handling

Implement GDPR-compliant data handling with consent management, data subject rights, and privacy by design. Use when building systems that process EU personal data, implementing privacy controls, or conducting GDPR compliance reviews.

1.25x

Quality

71%

Does it follow best practices?

Impact

98%

1.25x

Average score across 3 eval scenarios

Securityby

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./tests/ext_conformance/artifacts/agents-wshobson/hr-legal-compliance/skills/gdpr-data-handling/SKILL.md

Evaluation results

100%

18%

Cookie Consent Manager

Consent management system

Criteria

Without context

With context

Consent record fields

70%

100%

Audit log included

30%

100%

Atomic consent+audit update

25%

100%

Policy version stored

100%

Proof fields stored

100%

Event bus emission

75%

100%

Latest consent check

100%

Opt-in checkboxes

100%

Separate per-purpose checkboxes

100%

Necessary processing exempt

100%

Consent history accessible

100%

13%

User Data Rights Portal

Data subject rights handling

Criteria

Without context

With context

30-day response deadline

100%

Extension provision

100%

Four request types

100%

Identity verification gate

100%

DPO notification on submission

100%

Access response: retention info

100%

Access response: processing purposes

37%

100%

Access response: third-party recipients

100%

Erasure legal exception check

100%

Erasure exception recording

100%

Portability export as JSON

100%

Portability export metadata

100%

96%

29%

Privacy-First Data Architecture for Wellness Platform

Privacy-by-design data model and retention

Criteria

Without context

With context

Separate PII schema

100%

Separate analytics schema

100%

UUID user identifiers

100%

Email hash for lookup

100%

PII encrypted with key reference

22%

100%

Pseudonymized analytics IDs

100%

Generalized device info

83%

100%

Country-level location only

100%

Purpose-based data minimization

100%

IP generalization to country

100%

Correct retention periods

37%

75%

Archive before delete

42%

71%

Anonymize analytics not delete

12%

100%

Retention action logging

100%

Repository: Dicklesworthstone/pi_agent_rust
Commit: 47823e3

Evaluated: about 1 month ago
Agent: Claude Code
Model: Claude Sonnet 4.6

Table of Contents

Cookie Consent Manager User Data Rights Portal Privacy-First Data Architecture for Wellness Platform

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.